[Samba] Getting a list of users in a group - how?

Tobias Bluhm tobias.bluhm at philips.com
Fri Jun 23 12:14:04 GMT 2006


My crude hack at a solution, but it works for me so here goes . . . . .

#!/bin/sh
# /usr/local/bin/get_grp_mem <domain group>
#
# <domain sid> is derived from:
#
# wbinfo -n <domain account>
#
# S-1-2-33-4444444444-555555555-666666666-XXXXX User (1)
#
# <domain sid> = S-1-2-33-4444444444-555555555-666666666
#
grpid=`wbinfo -n $1 | sed 's/<domain sid>-//' | sed 's/ Domain..*//'`
for i in `rpcclient -W <domain name> -U <domain account>%<password> -c 
"querygroupmem  \ 
$grpid" <domain controller> | tr -s '\t' ' ' | sed 's/^ rid:\[0x//g' | sed 
's/\] attr:\[0x7\]//g'`
do
wbinfo -s <domain sid>-`echo ${i} | /usr/local/bin/hex2ascii`
done
#end-of-script


#!/usr/bin/perl -w
# /usr/local/bin/hex2ascii
#
use Term::ANSIColor;
$con=hex("$ans");
print "$con\n";
#end-of-script


-----------------------------------------------------
toby bluhm
philips medical systems, cleveland ohio
tobias.bluhm at philips.com
440-483-5323


> Hi all,
> 
> Hopefully this is a simple one - I'm trying to work out how to get a
> list of users in a certain group.  If I have the following set up in
> Active Directory:
> 
>   Group1
>    - UserA
>    - UserB
> 
>   Group2
>    - UserC
>    - UserD
> 
>   AllGroups
>    - Group1
>    - Group2
>    - UserX
> 
> Then I want to be able to say "List all users in the AllGroups group"
> and I should get UserA,B,C,D and UserX returned.
> 
> I'm not sure how to go about this - wbinfo only seems able to return
> the groups a single user is a member of, and 'getent group' only
> returns people specifically in that group (i.e. "getent group
> AllGroups" only returns UserX, it ignores the nested groups, even
> if "winbind nested groups = yes" in smb.conf.)
> 
> Any ideas how to list *all* the users in a specific group?
> 
> Thanks,
> Adam.



More information about the samba mailing list